OLD | NEW |
| (Empty) |
1 // Copyright (c) 2009-2010 The Chromium OS Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 // Unit tests for UsernamePassword. | |
6 | |
7 #include "cryptohome/authenticator.h" | |
8 | |
9 #include <openssl/sha.h> | |
10 #include <string.h> // For memset(), memcpy() | |
11 #include <stdlib.h> | |
12 | |
13 #include "base/file_path.h" | |
14 #include "base/file_util.h" | |
15 #include "base/logging.h" | |
16 #include "chromeos/utility.h" | |
17 #include "cryptohome/username_passhash.h" | |
18 #include "gtest/gtest.h" | |
19 | |
20 namespace cryptohome { | |
21 using namespace chromeos; | |
22 using namespace file_util; | |
23 using std::string; | |
24 | |
25 const char kImageDir[] = "test_image_dir"; | |
26 const char kFakeUser[] = "testuser@invalid.domain"; | |
27 | |
28 class AuthenticatorTest : public ::testing::Test { | |
29 void SetUp() { | |
30 FilePath image_dir(kImageDir); | |
31 FilePath path = image_dir.Append("salt"); | |
32 ASSERT_TRUE(PathExists(path)) << path.value() << " does not exist!"; | |
33 | |
34 int64 file_size; | |
35 ASSERT_TRUE(GetFileSize(path, &file_size)) << "Could not get size of " | |
36 << path.value(); | |
37 | |
38 char buf[file_size]; | |
39 int data_read = ReadFile(path, buf, file_size); | |
40 system_salt_.assign(buf, buf + data_read); | |
41 } | |
42 | |
43 public: | |
44 string GetWeakHash(const char* password) { | |
45 SHA256_CTX sha_ctx; | |
46 unsigned char md_value[SHA256_DIGEST_LENGTH]; | |
47 | |
48 string system_salt_ascii(AsciiEncode(system_salt_)); | |
49 | |
50 SHA256_Init(&sha_ctx); | |
51 SHA256_Update(&sha_ctx, system_salt_ascii.c_str(), | |
52 system_salt_ascii.length()); | |
53 SHA256_Update(&sha_ctx, password, strlen(password)); | |
54 SHA256_Final(md_value, &sha_ctx); | |
55 | |
56 return AsciiEncode(Blob(md_value, md_value + SHA256_DIGEST_LENGTH / 2)); | |
57 } | |
58 | |
59 private: | |
60 Blob system_salt_; | |
61 }; | |
62 | |
63 TEST_F(AuthenticatorTest, BadInitTest) { | |
64 // create an authenticator that points to an invalid shadow root | |
65 // and make sure it complains | |
66 Authenticator authn("/dev/null"); | |
67 UsernamePasshash up(kFakeUser, strlen(kFakeUser), | |
68 "zero", 4); | |
69 | |
70 EXPECT_EQ(false, authn.Init()); | |
71 EXPECT_EQ(false, authn.TestAllMasterKeys(up)); | |
72 } | |
73 | |
74 TEST_F(AuthenticatorTest, GoodDecryptTest0) { | |
75 Authenticator authn(kImageDir); | |
76 string passhash = GetWeakHash("zero"); | |
77 UsernamePasshash up(kFakeUser, strlen(kFakeUser), | |
78 passhash.c_str(), passhash.length()); | |
79 | |
80 EXPECT_EQ(true, authn.Init()); | |
81 EXPECT_EQ(true, authn.TestAllMasterKeys(up)); | |
82 } | |
83 | |
84 TEST_F(AuthenticatorTest, GoodDecryptTest1) { | |
85 Authenticator authn(kImageDir); | |
86 string passhash = GetWeakHash("one"); | |
87 UsernamePasshash up(kFakeUser, strlen(kFakeUser), | |
88 passhash.c_str(), passhash.length()); | |
89 | |
90 EXPECT_EQ(true, authn.Init()); | |
91 EXPECT_EQ(true, authn.TestAllMasterKeys(up)); | |
92 } | |
93 | |
94 TEST_F(AuthenticatorTest, GoodDecryptTest2) { | |
95 Authenticator authn(kImageDir); | |
96 string passhash = GetWeakHash("two"); | |
97 UsernamePasshash up(kFakeUser, strlen(kFakeUser), | |
98 passhash.c_str(), passhash.length()); | |
99 | |
100 EXPECT_EQ(true, authn.Init()); | |
101 EXPECT_EQ(true, authn.TestAllMasterKeys(up)); | |
102 } | |
103 | |
104 TEST_F(AuthenticatorTest, BadDecryptTest) { | |
105 Authenticator authn(kImageDir); | |
106 string passhash = GetWeakHash("bogus"); | |
107 UsernamePasshash up(kFakeUser, strlen(kFakeUser), | |
108 passhash.c_str(), passhash.length()); | |
109 | |
110 EXPECT_EQ(true, authn.Init()); | |
111 EXPECT_EQ(false, authn.TestAllMasterKeys(up)); | |
112 } | |
113 | |
114 } // namespace cryptohome | |
OLD | NEW |